1. Field of the Invention
The invention relates to the debugging capabilities management of communication devices, such as set top boxes and other multimedia processing devices. More particularly, the invention relates to providing secure access to and management of debugging processes and other capabilities within communication devices, such as rights to access digital media content.
2. Description of the Related Art
When communication devices, such as set-top boxes and other multimedia processing devices, are under development or need troubleshooting, developers often need to activate a debugging feature on the communication device to access RAM data, debug the operating software, and/or perform other debugging operations. However, it also is important to be able to securely manage this debugging capability, since debugging features can be an attacking point for hackers. If a hacker gains access to the debugging capability of the communication device, the hacker can modify the operating software and other code, as well as browse confidential data. For example, a hacker would be able to browse digital rights management (DRM) keys, which can allow the hacker to access the device's DRM system.
Many communication device authorization systems include an Access Token Server (ATS) for authorizing a communication device's debugging privilege. In this system, an authorized user requests debugging privileges for a communication device by providing the communication device's identification (ID) code and other information to the ATS. If the ATS approves the debugging privilege for the particular communication device, the ATS issues an access token that allows one or more debugging features to be accessed or activated within the communication device of interest. Since the debugging privilege should be limited in time, the access token is issued with a specified lifetime, after which time the communication device should securely expire the access token, thus discontinuing or deactivating any active debugging processes. However, many communication devices do not include a secure internal clock, and therefore can not securely expire access tokens used to activate debugging processes within those communication devices. Within such communication devices, if debugging privileges are not deactivated once the lifetime of the access token expires, the overall security system of the communication device can be compromised.
Therefore, it is important to be able to manage a communication device's debugging capability in a secure manner. For example, it is critical to the overall security of a communication device to be able to securely expire access tokens used to activate debugging features within the communication device.